CVE-2016-8645

The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.

Weakness

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	*	4.8.9 (including)
Red Hat Enterprise Linux 7	RedHat	kernel-rt-0:3.10.0-693.rt56.617.el7	*
Red Hat Enterprise Linux 7	RedHat	kernel-0:3.10.0-693.el7	*
Red Hat Enterprise MRG 2	RedHat	kernel-rt-1:3.10.0-693.2.1.rt56.585.el6rt	*
Linux	Ubuntu	esm-infra-legacy/trusty	*
Linux	Ubuntu	esm-infra/xenial	*
Linux	Ubuntu	precise	*
Linux	Ubuntu	precise/esm	*
Linux	Ubuntu	trusty	*
Linux	Ubuntu	trusty/esm	*
Linux	Ubuntu	upstream	*
Linux	Ubuntu	vivid/ubuntu-core	*
Linux	Ubuntu	xenial	*
Linux	Ubuntu	yakkety	*
Linux-armadaxp	Ubuntu	precise	*
Linux-armadaxp	Ubuntu	upstream	*
Linux-aws	Ubuntu	upstream	*
Linux-aws-5.15	Ubuntu	upstream	*
Linux-aws-5.4	Ubuntu	upstream	*
Linux-aws-6.14	Ubuntu	upstream	*
Linux-aws-6.8	Ubuntu	upstream	*
Linux-aws-fips	Ubuntu	trusty	*
Linux-aws-fips	Ubuntu	upstream	*
Linux-aws-fips	Ubuntu	xenial	*
Linux-aws-hwe	Ubuntu	upstream	*
Linux-azure	Ubuntu	esm-infra/bionic	*
Linux-azure	Ubuntu	upstream	*
Linux-azure-4.15	Ubuntu	upstream	*
Linux-azure-5.15	Ubuntu	upstream	*
Linux-azure-5.4	Ubuntu	upstream	*
Linux-azure-6.11	Ubuntu	noble	*
Linux-azure-6.11	Ubuntu	upstream	*
Linux-azure-6.8	Ubuntu	upstream	*
Linux-azure-fde	Ubuntu	esm-infra/focal	*
Linux-azure-fde	Ubuntu	focal	*
Linux-azure-fde	Ubuntu	upstream	*
Linux-azure-fde-5.15	Ubuntu	esm-infra/focal	*
Linux-azure-fde-5.15	Ubuntu	focal	*
Linux-azure-fde-5.15	Ubuntu	upstream	*
Linux-azure-fips	Ubuntu	trusty	*
Linux-azure-fips	Ubuntu	upstream	*
Linux-azure-fips	Ubuntu	xenial	*
Linux-azure-nvidia	Ubuntu	upstream	*
Linux-bluefield	Ubuntu	upstream	*
Linux-euclid	Ubuntu	upstream	*
Linux-fips	Ubuntu	upstream	*
Linux-flo	Ubuntu	trusty	*
Linux-flo	Ubuntu	upstream	*
Linux-flo	Ubuntu	vivid/stable-phone-overlay	*
Linux-flo	Ubuntu	xenial	*
Linux-flo	Ubuntu	yakkety	*
Linux-gcp	Ubuntu	esm-infra/bionic	*
Linux-gcp	Ubuntu	upstream	*
Linux-gcp-4.15	Ubuntu	upstream	*
Linux-gcp-5.15	Ubuntu	upstream	*
Linux-gcp-5.4	Ubuntu	upstream	*
Linux-gcp-6.11	Ubuntu	noble	*
Linux-gcp-6.11	Ubuntu	upstream	*
Linux-gcp-6.14	Ubuntu	upstream	*
Linux-gcp-6.8	Ubuntu	upstream	*
Linux-gcp-fips	Ubuntu	trusty	*
Linux-gcp-fips	Ubuntu	upstream	*
Linux-gcp-fips	Ubuntu	xenial	*
Linux-gke	Ubuntu	esm-infra/focal	*
Linux-gke	Ubuntu	focal	*
Linux-gke	Ubuntu	upstream	*
Linux-gkeop	Ubuntu	esm-infra/focal	*
Linux-gkeop	Ubuntu	focal	*
Linux-gkeop	Ubuntu	upstream	*
Linux-goldfish	Ubuntu	trusty	*
Linux-goldfish	Ubuntu	upstream	*
Linux-goldfish	Ubuntu	xenial	*
Linux-goldfish	Ubuntu	yakkety	*
Linux-goldfish	Ubuntu	zesty	*
Linux-grouper	Ubuntu	trusty	*
Linux-grouper	Ubuntu	upstream	*
Linux-hwe	Ubuntu	esm-infra/bionic	*
Linux-hwe	Ubuntu	upstream	*
Linux-hwe-5.15	Ubuntu	upstream	*
Linux-hwe-5.4	Ubuntu	upstream	*
Linux-hwe-6.11	Ubuntu	noble	*
Linux-hwe-6.11	Ubuntu	upstream	*
Linux-hwe-6.14	Ubuntu	upstream	*
Linux-hwe-6.8	Ubuntu	upstream	*
Linux-hwe-edge	Ubuntu	esm-infra/bionic	*
Linux-hwe-edge	Ubuntu	upstream	*
Linux-ibm	Ubuntu	upstream	*
Linux-ibm-5.15	Ubuntu	upstream	*
Linux-ibm-5.4	Ubuntu	upstream	*
Linux-ibm-6.8	Ubuntu	upstream	*
Linux-intel	Ubuntu	upstream	*
Linux-intel-iot-realtime	Ubuntu	jammy	*
Linux-intel-iot-realtime	Ubuntu	upstream	*
Linux-intel-iotg	Ubuntu	upstream	*
Linux-intel-iotg-5.15	Ubuntu	upstream	*
Linux-iot	Ubuntu	upstream	*
Linux-kvm	Ubuntu	upstream	*
Linux-linaro-omap	Ubuntu	precise	*
Linux-linaro-omap	Ubuntu	upstream	*
Linux-linaro-shared	Ubuntu	precise	*
Linux-linaro-shared	Ubuntu	upstream	*
Linux-linaro-vexpress	Ubuntu	precise	*
Linux-linaro-vexpress	Ubuntu	upstream	*
Linux-lowlatency	Ubuntu	upstream	*
Linux-lowlatency-hwe-5.15	Ubuntu	upstream	*
Linux-lowlatency-hwe-6.11	Ubuntu	noble	*
Linux-lowlatency-hwe-6.11	Ubuntu	upstream	*
Linux-lowlatency-hwe-6.8	Ubuntu	upstream	*
Linux-lts-quantal	Ubuntu	precise	*
Linux-lts-quantal	Ubuntu	precise/esm	*
Linux-lts-quantal	Ubuntu	upstream	*
Linux-lts-raring	Ubuntu	precise	*
Linux-lts-raring	Ubuntu	precise/esm	*
Linux-lts-raring	Ubuntu	upstream	*
Linux-lts-saucy	Ubuntu	precise	*
Linux-lts-saucy	Ubuntu	precise/esm	*
Linux-lts-saucy	Ubuntu	upstream	*
Linux-lts-trusty	Ubuntu	precise	*
Linux-lts-trusty	Ubuntu	upstream	*
Linux-lts-utopic	Ubuntu	trusty	*
Linux-lts-utopic	Ubuntu	upstream	*
Linux-lts-vivid	Ubuntu	trusty	*
Linux-lts-vivid	Ubuntu	trusty/esm	*
Linux-lts-vivid	Ubuntu	upstream	*
Linux-lts-wily	Ubuntu	trusty	*
Linux-lts-wily	Ubuntu	upstream	*
Linux-lts-xenial	Ubuntu	trusty	*
Linux-lts-xenial	Ubuntu	upstream	*
Linux-maguro	Ubuntu	trusty	*
Linux-maguro	Ubuntu	upstream	*
Linux-mako	Ubuntu	trusty	*
Linux-mako	Ubuntu	upstream	*
Linux-mako	Ubuntu	vivid/stable-phone-overlay	*
Linux-mako	Ubuntu	xenial	*
Linux-mako	Ubuntu	yakkety	*
Linux-manta	Ubuntu	trusty	*
Linux-manta	Ubuntu	upstream	*
Linux-nvidia	Ubuntu	upstream	*
Linux-nvidia-6.11	Ubuntu	upstream	*
Linux-nvidia-6.8	Ubuntu	upstream	*
Linux-nvidia-lowlatency	Ubuntu	upstream	*
Linux-nvidia-tegra	Ubuntu	upstream	*
Linux-nvidia-tegra-5.15	Ubuntu	upstream	*
Linux-nvidia-tegra-igx	Ubuntu	upstream	*
Linux-oem	Ubuntu	esm-infra/bionic	*
Linux-oem	Ubuntu	upstream	*
Linux-oem-6.11	Ubuntu	upstream	*
Linux-oem-6.14	Ubuntu	upstream	*
Linux-oem-6.8	Ubuntu	upstream	*
Linux-oracle	Ubuntu	upstream	*
Linux-oracle-5.15	Ubuntu	upstream	*
Linux-oracle-5.4	Ubuntu	upstream	*
Linux-oracle-6.14	Ubuntu	upstream	*
Linux-oracle-6.8	Ubuntu	upstream	*
Linux-qcm-msm	Ubuntu	precise	*
Linux-qcm-msm	Ubuntu	upstream	*
Linux-raspi	Ubuntu	upstream	*
Linux-raspi-5.4	Ubuntu	upstream	*
Linux-raspi-realtime	Ubuntu	noble	*
Linux-raspi-realtime	Ubuntu	upstream	*
Linux-raspi2	Ubuntu	esm-infra/focal	*
Linux-raspi2	Ubuntu	focal	*
Linux-raspi2	Ubuntu	upstream	*
Linux-raspi2	Ubuntu	vivid/ubuntu-core	*
Linux-raspi2	Ubuntu	xenial	*
Linux-raspi2	Ubuntu	yakkety	*
Linux-realtime	Ubuntu	jammy	*
Linux-realtime	Ubuntu	noble	*
Linux-realtime	Ubuntu	upstream	*
Linux-riscv	Ubuntu	esm-infra/focal	*
Linux-riscv	Ubuntu	focal	*
Linux-riscv	Ubuntu	jammy	*
Linux-riscv	Ubuntu	noble	*
Linux-riscv	Ubuntu	upstream	*
Linux-riscv-5.15	Ubuntu	upstream	*
Linux-riscv-6.14	Ubuntu	upstream	*
Linux-riscv-6.8	Ubuntu	upstream	*
Linux-snapdragon	Ubuntu	upstream	*
Linux-snapdragon	Ubuntu	xenial	*
Linux-snapdragon	Ubuntu	yakkety	*
Linux-ti-omap4	Ubuntu	precise	*
Linux-ti-omap4	Ubuntu	upstream	*
Linux-xilinx-zynqmp	Ubuntu	upstream	*

Extended Description

Access control involves the use of several protection mechanisms such as:

When any mechanism is not applied or otherwise fails, attackers can compromise the security of the product by gaining privileges, reading sensitive information, executing commands, evading detection, etc. There are two distinct behaviors that can introduce access control weaknesses:

Potential Mitigations

Compartmentalize the system to have “safe” areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8645
CWE	https://cwe.mitre.org/data/definitions/284.html

Improper Access Control

Weakness

Affected Software

Extended Description

Potential Mitigations

References

CVE-2016-8645

Improper Access Control

Weakness

Affected Software

Extended Description

Potential Mitigations

Related Attack Patterns

References